package com.woniuxy.carrental.configuration;

import com.woniuxy.carrental.realm.EmpRealm;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.MemoryConstrainedCacheManager;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @author author
 * @create 2021-09-30 15:24
 */
@Configuration
public class ShiroConfiguration {

    /**
     * 配置凭证匹配器
     */
    @Bean
   public HashedCredentialsMatcher hashedCredentialsMatcher() {
        HashedCredentialsMatcher hashedCredentialsMatcher =
                new HashedCredentialsMatcher();
//       hashedCredentialsMatcher.setHashIterations(3);
//       hashedCredentialsMatcher.setHashAlgorithmName("MD5");
        return  hashedCredentialsMatcher;
  }

//    授权缓存
    @Bean
    public MemoryConstrainedCacheManager memoryConstrainedCacheManager(){

        return new MemoryConstrainedCacheManager();
    }
    /**
     * 配置自定义Realm
     */
    //CredentialsMatcher credentialsMatcher,
    @Bean
    public EmpRealm empRealm(CredentialsMatcher credentialsMatcher, MemoryConstrainedCacheManager memoryConstrainedCacheManager){
        EmpRealm empRealm=new EmpRealm();
        //empRealm.setCredentialsMatcher(credentialsMatcher);
        empRealm.setCacheManager(memoryConstrainedCacheManager);
        return empRealm;
    }
    /**
     * 配置安全管理
     * 配置类使用另一个bean,就直接声明成参数
     */
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager(EmpRealm empRealm){
        DefaultWebSecurityManager defaultWebSecurityManager=
                new DefaultWebSecurityManager();
        defaultWebSecurityManager.setRealm(empRealm);
        return defaultWebSecurityManager;
    }
    /**
     * Web中整合Shiro底层是靠过滤器
     */
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(
            DefaultWebSecurityManager defaultWebSecurityManager){

        ShiroFilterFactoryBean shiroFilterFactoryBean=new ShiroFilterFactoryBean();
        //设置安全管理
        shiroFilterFactoryBean.setSecurityManager(defaultWebSecurityManager);
        // 未授权时跳转的界面;
//        shiroFilterFactoryBean.setUnauthorizedUrl("/403");
        //配置过滤规则,多个过滤规则，
        //优先级顺序：先定义的优先级规则高，必须保证顺序
        Map<String,String> filtermap=new LinkedHashMap<String,String>();
        //anon:所有url都可以匿名访问
        //filtermap.put("/**", "anon");
        //authc:所有url必须通过认证才能访问
        filtermap.put("/admin/login", "anon");
//        filtermap.put("/css/**", "anon");
//        filtermap.put("/logout", "logout");
//        filtermap.put("/admin/addEmps", "perms[save]");
//        filtermap.put("/admin/deleteEmp/{account}", "perms[delete]");
//        filtermap.put("/admin/updateEmp", "perms[update]");
//        filtermap.put("/admin/getEmps", "perms[select]");
        filtermap.put("/**", "authc");
        //设置没有通过认证的用户，重定向到指定的页面(默认是index.jsp)
        shiroFilterFactoryBean.setLoginUrl("/login.html");
        shiroFilterFactoryBean.setFilterChainDefinitionMap(filtermap);
        return shiroFilterFactoryBean;
    }


}
